Cyberattack Through Your ReCaptcha Link
There are warnings of a cyberattack being brought about APT28- a threat actor group alleged to have links with the Russian military also known as “Fancy Bear.” The warning about the cyberattack came from the Ukrainian agency CERT-A.
In the cyberattack, the attacker sends a link that delivers what appears to be a Google reCAPTCHA bot-detection dialog. Ticking the checkbox asking for confirmation in response to the “I am not a robot” question will initiate a malicious PowerShell command instruction to the user’s clipboard. In this attack the Fancy Bear threat group is relying upon, certainly not something that would arouse suspicion in the user, as the tools like reCAPTCHA are typically ones that build the confidence of the user. Read more about this story on our LinkedIn page
In the cyberattack, the attacker sends a link that delivers what appears to be a Google reCAPTCHA bot-detection dialog. Ticking the checkbox asking for confirmation in response to the “I am not a robot” question will initiate a malicious PowerShell command instruction to the user’s clipboard. In this attack the Fancy Bear threat group is relying upon, certainly not something that would arouse suspicion in the user, as the tools like reCAPTCHA are typically ones that build the confidence of the user. Read more about this story on our LinkedIn page